Changes between Version 6 and Version 7 of UhlLinuxServer Risk Assessment

Timestamp:

08/26/16 14:15:38 (8 years ago)

Author:

Richard Bramley

Comment:

--

UhlLinuxServer Risk Assessment

@@ -13 +13 @@
 === 1.2 Likelihood
 
-- 1.2.1 The servers are available on the Internet and so open to attack
+- 1.2.1 The servers are available on the UHL Intranet and so an attack is unlikely
 
 === 1.3 Mitigation
 
-- 1.3.1 Access via ssh is only allowed from within the University of Leicester
-- 1.3.2 Servers are behind a proxy server, which attackers would have to compromise before accessing the server itself.
-- 1.3.3 Only ports 80 and 443 communication is allowed through the proxy server
-- 1.3.4 VMs are backed up daily to allow a restore if a corruption occurs
-- 1.3.5 Software is available online or from source repositories (SVN or Git)
+- 1.3.1 Access via ssh is only allowed from within UHL
+- 1.3.2 VMs are backed up daily to allow a restore if a corruption occurs
+- 1.3.3 Software is available online or from source repositories (SVN or Git)
 
 === 1.4 Improvements
@@ -38 +36 @@
 === 2.2 Likelihood
 
-- 2.2.1 The servers are available on the internet and so open to attack
+- 2.2.1 The servers are available on the UHL Intranet and so an attack is unlikely
 
 === 2.3 Mitigation
 
-- 2.3.1 Database users are only allowed to connect from the local host.
-- 2.3.2 Database port are only available from the local host.
-- 2.3.3 VMs are backed up daily to allow a restore if a corruption occurs
-- 2.3.4 Databases are backed up daily with a history of 3 months to allow for recovery
-- 2.3.5 Database server can only write data to the temp and database directories
+- 2.3.1 VMs are backed up daily to allow a restore if a corruption occurs
+- 2.3.2 Databases are backed up daily with a history of 3 months to allow for recovery
+- 2.3.3 Database server can only write data to the temp and database directories
 
 === 2.4 Improvements
@@ -67 +63 @@
 === 3.3 Mitigation
 
-- 3.3.1 Use LDAP to connect to servers to disallow sharing of passwords
-- 3.3.2 Remove user accounts as soon as employees leave.
-- 3.3.3 Backups of VMs are kept securely off site.
-- 3.3.4 Software is kept in source repositories, which track changes and can be restored back to any point.
+- 3.3.1 Remove user accounts as soon as employees leave.
+- 3.3.2 Backups of VMs are kept securely off site.
+- 3.3.3 Software is kept in source repositories, which track changes and can be restored back to any point.
 
 === 3.4 Improvements
@@ -83 +78 @@
 === 4.2 Likelihood
 
-- 4.1.3 Applications are visible on the internet so attacks will occur
+- 4.2.1 The servers are available on the UHL Intranet and so an attack is unlikely
 
 === 4.3 Mitigation
 
-- 4.3.1 Use Apache config to restrict access to University of Leicester Network were appropriate
-- 4.3.2 Enforce a strong password policy
-- 4.3.3 Use LDAP authentication where possible
+- 4.3.1 Enforce a strong password policy
+- 4.3.2 Use LDAP authentication where possible
 
 === 4.4 Improvements
-
-- 4.4.1 Investigate what measures are installed on the proxy to mitigate against attack [[#578]]
 
 == 5 Communication Interception
@@ -103 +95 @@
 === 5.2 Likelihood
 
-- 5.2.1 Applications are visible on the internet so attacks will occur
+- 5.2.1 The servers are available on the UHL Intranet and so an attack is unlikely
 
 === 5.3 Mitigation
@@ -122 +114 @@
 === 6.2 Likelihood
 
-- 6.2.1 Vulnerabilities in software are constantly coming to light and internet available sights are always at risk.
+- 6.2.1 Vulnerabilities in software are constantly coming to light, but sites are only visible within the UHL network.
 
 === 6.3 Mitigation
 
 - 6.3.1 Software is kept up to date
-- 6.3.2 Exploits often involve opening SSH ports, that are restricted through the proxy
-- 6.3.3 Applications are run as a restricted user account that does not have permission to make configuration changes
+- 6.3.2 Applications are run as a restricted user account that does not have permission to make configuration changes
 
 === 6.4 Improvements